Re-land #281 unlocks (PolicyRewriter, DomainProfile) — orphaned by merge order #284
- Added pub mod policy gate behind auth-rls-lite (PolicyRewriter trait + ColumnMaskRewriter from epiphany E1)
- Added trajectory-audit feature alias on lance-graph-contract for the forward-stub step_trajectory_hash helper (E4 cross-PR bridge)
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 176566087c
```rust
// row encryption, differential privacy stubs) sharing the OptimizerRule slot
// with the existing RLS rewriter. Gated on auth-rls-lite (where the
// DataFusion types live).
#[cfg(any(feature = "auth-rls-lite", feature = "auth-rls", feature = "auth", feature = "full"))]
```
Restrict policy module to features that compile its rewriters
policy is exported for auth-rls, auth, and full, but the key API (PolicyRewriter, ColumnMaskRewriter, and its OptimizerRule impl) is compiled only under auth-rls-lite in policy.rs. In a full build, consumers can import lance_graph_callcenter::policy but cannot use the advertised rewriter types, which creates a feature-flag mismatch and breaks downstream code that expects the policy rewriter surface to exist when policy is present.
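The mismatch the review describes can be checked mechanically by comparing the features that gate `pub mod policy` with the features that gate the items inside the module. This is an added example, not code from this PR or the lance-graph project: the source strings are constructed (only the module's `#[cfg]` line is quoted from the review) and the function names are hypothetical.

```rust
use std::collections::BTreeSet;
// Constructed inputs. The gate in LIB_RS is the attribute quoted in the review;
// the `pub mod policy;` line and the item gates in POLICY_RS are assumptions.
const LIB_RS: &str = r#"
#[cfg(any(feature = "auth-rls-lite", feature = "auth-rls", feature = "auth", feature = "full"))]
pub mod policy;"#;
const POLICY_RS: &str = r#"
#[cfg(feature = "auth-rls-lite")]
pub trait PolicyRewriter {}
#[cfg(feature = "auth-rls-lite")]
pub struct ColumnMaskRewriter;"#;

/// Feature names in one `#[cfg(...)]` line (`feature = "x"` and `any(...)` only).
fn cfg_features(attr: &str) -> BTreeSet<String> {
    attr.split('"').collect::<Vec<_>>().chunks(2) // [text before quote, quoted name]
        .filter(|c| c.len() == 2 && c[0].replace(' ', "").ends_with("feature="))
        .map(|c| c[1].to_string()).collect()
}

/// (item line, gating features) for each `#[cfg(...)]`-gated item in `src`.
fn gated_items(src: &str) -> Vec<(String, BTreeSet<String>)> {
    let mut out = Vec::new();
    let mut pending: Option<BTreeSet<String>> = None;
    for line in src.lines().map(str::trim) {
        if line.starts_with("#[cfg(") {
            pending = Some(cfg_features(line));
        } else if !(line.is_empty() || line.starts_with("//") || line.starts_with("#[")) {
            out.extend(pending.take().map(|feats| (line.to_string(), feats)));
        }
    }
    out
}

/// Items of `module` that are compiled out under a feature that still exports it.
/// Assumption: features are independent (Cargo.toml implications are not resolved).
fn mismatches(lib_src: &str, module: &str, module_src: &str) -> Vec<(String, Vec<String>)> {
    let decl = format!("pub mod {module};");
    let exported = gated_items(lib_src).into_iter().find(|(l, _)| *l == decl)
        .map(|(_, f)| f).unwrap_or_default(); // no gated declaration: nothing to compare
    gated_items(module_src).into_iter()
        .map(|(item, f)| (item, exported.difference(&f).cloned().collect::<Vec<_>>()))
        .filter(|(_, missing)| !missing.is_empty())
        .collect()
}

fn main() {
    println!("{:#?}", mismatches(LIB_RS, "policy", POLICY_RS));
}
```

If `auth-rls`, `auth` or `full` enable `auth-rls-lite` in Cargo.toml, the findings are false positives; resolve the feature graph before acting on them.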
Sprint C agent (PR #311) flagged five staleness items in the vision doc that were out of its §7-only scope. Closing the debt now:

- Header DRAFT - pending review (2026-04-28) -> Status: F1 parity shipped 2026-04-30. F1 latency benchmark not yet started. F2 is a posture, not a delivery.
- §2 anchor as of 2026-04-28 -> as of 2026-04-30 (post-F1 parity ship)
- §2 latency cell Designed to match; F1 numbers (forward tense) -> Designed to match; benchmark pending
- §2 caveat F1 publishes the first numbers (forward tense) -> F1 parity has shipped (correctness); the separately-scoped F1 latency benchmark has not been started. Distinguishes the two sub-deliverables explicitly.
- §3 F1 We stand up a Foundry instance... (forward) -> Shipped 2026-04-30. Cross-link to §7's as-shipped architecture.
- §3 F2 gated upstream by lance-graph PR-1 / PR-2 -> lance-graph PR #278 + #280 + #284 (RLS) and PR #278 + #302 (audit). Status today: lance-graph in production; medcare-rs adopter not yet open. Posture, not delivery.
- §3 F3 gated upstream by lance-graph PR-4 -> lance-graph PR #278 + #280 (parser + hardening). Status today: parser stub on lance-graph main; medcare-rs adopter is future round-2 work.
- §4 benchmark harness lands as part of F1 F1 numbers are published (both forward tense) -> F1 parity (correctness) shipped; F1 latency benchmarking has not been started. The two are separately-scoped F1 sub-deliverables.

What this PR does NOT touch:

- F4, F5, §5 (risks), §6 (NOT promising), §7 (next deliverable just landed in PR #311 - clean already).
- The vision doc's tone rule. Every change cites a concrete PR number or file path; no marketing language introduced.
- Performance numbers. None claimed; the §4 'do not quote unbenchmarked numbers' rule is preserved verbatim.

Diff: +41 / -26 across 1 file. Markdown renders cleanly.

Cross-link: PR #311 (the §7 fix that motivated this cleanup).
Why this PR exists
PR #281 was marked merged but the unlock content never landed on main. The merge order on 2026-04-29 was:

#281 landed on the orphaned branch tip 2190edaa, which is no longer reachable from main. The three unlock commits sit there with nowhere to go.

This PR brings that content forward against the current main. No content change vs the original #281 — same three commits, same +496 / -0 footprint.

What's wired

- A-unlock-policy (99f67a0) — Generalised PolicyRewriter trait + ColumnMaskRewriter (epiphany E1)
- A-unlock-stepdomain (bb6a5eb) — DomainProfile with HIPAA-grade thresholds + verb taxonomy seam (E5) + Display impl on StepDomain
- A-META R2 unlocks (1765660) — Wires the policy module + trajectory-audit feature stub

Files changed (vs current main)

Verification

- git merge --no-commit --no-ff of branch onto current main → "Automatic merge went well", exit 0
- 6133eb2) and current main (218c2cf) — only crates/lance-graph-contract/src/grammar/context_chain.rs changed in that window (PR fix: Grammar/Markov hardening — slice unification, kernel wiring, parser tests, triangle distance #282), which this PR doesn't touch
- cargo check and 63 tests green

Cross-link
Generated by Claude Code